Hackers: How Do They Get In?


Hackers, how do they get into your website and hosting account? In today’s wild web, it just seems like sometimes you can’t keep hackers out!

Here’s what happened recently to me. I set up a new hosting account at a quality hosting service (not GoDaddy). The same day I loaded the site files, the site was hacked. Files were loaded and links to malware installed in newly created pages that mirrored my own site pages but with a .shtml instead of .html.

The host told me that all was secure and that, although the site was in a shared hosting environment, their network was not where the hack came in.

The only thing that I can possibly think of that caused the problem for this non-WordPress site is that I emailed the passwords to the client. What the client did with the logins, I do not know. I am not sure if he even tried to log in, but doubt it.

The host said that possibly a hacker got into the site via a field in the contact form, but there is a Captcha and tests for validity of information and on top of that no database connection for the form. I am mystified!

What I do know is that sometimes you just do not know how hackers get in. Could they tunnel in from the host? Could they intercept logins by email? Could they be trawling the web for new hosting setups and attacking them? Your guess is as good as mine.

One thing I do know is that there is a new hack for WordPress websites that targets new hosting accounts where WordPress installation has not been completed. There are bots that are scanning the web for these new sites and coming in via WordPress setup files and taking control of hosting. Could this type of attack possibly be what I experienced? It is possible.

What I do know is that prompt action to clean up, wipe the server, and change all passwords for hosting and FTP, and no longer emailing logins, is our newest protocol.
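The two signs mentioned in this post, `.shtml` pages mirroring existing `.html` pages and WordPress files uploaded without a finished setup, can be checked on a local copy of the site files. The script below is an added example, not part of the original post; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

def audit_webroot(root):
    """Return (shtml_mirrors, unfinished_wp) as sorted lists of paths relative to root."""
    shtml_mirrors, unfinished_wp = [], []
    for dirpath, _dirs, filenames in os.walk(root):
        names = {n.lower() for n in filenames}
        for name in filenames:
            base, ext = os.path.splitext(name.lower())
            # A .shtml file beside an .html/.htm page of the same name matches
            # the "mirrored page" pattern from the incident described above.
            if ext == ".shtml" and (base + ".html" in names or base + ".htm" in names):
                shtml_mirrors.append(os.path.relpath(os.path.join(dirpath, name), root))
        # WordPress core uploaded but setup never finished: the installer is
        # present and no wp-config.php exists here or one directory up
        # (WordPress also accepts the config file in the parent directory).
        has_installer = os.path.isfile(os.path.join(dirpath, "wp-admin", "install.php"))
        has_config = "wp-config.php" in names or os.path.isfile(
            os.path.join(os.path.dirname(dirpath), "wp-config.php"))
        if "wp-load.php" in names and has_installer and not has_config:
            unfinished_wp.append(os.path.relpath(dirpath, root))
    return sorted(shtml_mirrors), sorted(unfinished_wp)

def build_sample_tree():
    """Constructed sample webroot (not data from the incident) for a dry run."""
    root = tempfile.mkdtemp(prefix="webroot-")
    files = [
        "index.html", "index.shtml",            # mirrored page -> flagged
        "contact.html", "contact.shtml",        # mirrored page -> flagged
        "about.html", "includes/header.shtml",  # legitimate SSI fragment, no sibling
        "blog/wp-load.php", "blog/wp-admin/install.php",  # unfinished install
        "shop/wp-load.php", "shop/wp-admin/install.php", "shop/wp-config.php",
    ]
    for rel in files:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("")
    return root

if __name__ == "__main__":
    mirrors, unfinished = audit_webroot(build_sample_tree())
    print("shtml mirrors:", mirrors)
    print("unfinished WordPress installs:", unfinished)
```

Point `audit_webroot` at a downloaded copy of the hosting account's document root; anything it lists is a lead to review by hand, not proof of compromise.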

 

Want More Sales – What’s Your Polish Look Like?

Be on target to assure you make the right impression with your website.

Your website is all about more sales! That’s the reason you’ve hung out your shingle, but are you hurting leads and sales by having a website that’s not polished enough?

Polish is not about having fashion models in your content photos, although attractive people in your pics will not hurt; it is about the details.

These details communicate visually your professionalism and instill confidence in prospects when they visit. It’s the look and feel and you’ve got 10 seconds to make a favorable impression!

Here are my top polish points to check out on your own site.

Content blocks on the home page
These just must be the same word count and line up horizontally. When you have three different sized boxes it just looks bad.

Blog post excerpts in your footer
Control the word count! There are plugins you can use to assure your excerpt stays the same word count. Make sure to use them so you do not have giant blocks of blog content making the bottom of your website page look like jagged teeth.

Photos with no smiles
Staff photos where everyone looks grim or the business owner is frowning should be updated. Look approachable, you don’t have to be a model, but a pleasant look on your face is important.

Photos where the clothing is too casual
Owner and staff photos are important. If you work in a professional arena like a dentist or doctor – wear a white coat, lawyers – wear a suit, business owners – the higher dollar figure your sale, the more dressed up you should be. Polo shirts and super casual wear are great for your photo if your customers and competitors will be wearing those types of clothes. Careful – what you wear impacts your site’s polish and communicates professionalism.

Blog posts that are off topic that don’t match what you sell
If you blog yourself for your own website, make sure that you create and stick to a content strategy that works to build keyword density and authority for your website. Keep your website’s polish going by being on topic. Blogging is not your online journal, but rather a way to build authority with search engines and provide new fodder for search engine robots.

If you need help polishing your site, we provide consulting services to help your site improve in appearance and polish. Find out more today.

Tips to Moving Your Law Website Away from FindLaw.com – Part One

We Are a Google Partner Specializing in Search Marketing
We Are a Google Partner Specializing in Internet Marketing

Are you moving your law website away from FindLaw.com due to high monthly payments, sometimes over $2,800? You are not the only law firm that is planning ahead to move out!

As a professional internet marketing consultant, I find it very hard to believe that a $2,800 a month charge is not “bringing home the bacon” in regards to leads. Although FindLaw.com may be the perfect place for some law firms, I have one firm I am working with right now that does not feel that way and has complained about the high costs and low lead numbers.

We are moving this firm away from FindLaw.com and here are some tips to consider if you are considering moving out as well.

Do not wait until the last minute.
FindLaw.com requires a 90 day notice that you are leaving. Don’t miss this deadline or you will be forced to renew another year. That’s what happened to our client. He was so aggravated, that he made a note on his calendar for the next year and contacted us to move.

When you decide to move get started on a new website.
Don’t wait to get started on a new site. You may need 90 days to get your new site up. Although FindLaw says that the site you paid for and “own” (minus all their scripting that makes it work and images that make your site beautiful) is yours to move, I can tell you that the static site is nearly worthless and you may pay more to try to fix it than to simply start over.

Consider the static site they give you as a temporary “Band-Aid”
The static site we got has missing scripts, missing images, the code is one huge glob, not even readable, navigation elements are missing or in our client’s case weirdly commented out to not show in the source code. Consider this a site you can use only after significant cleanup for one to max. two years.

Push hard and early to get your static site sent to you.
We had to push the FindLaw rep to give us the static site 70 days out from stopping services to allow us time to try to fix anything we could. What we got I would call marginal. Don’t let them give you the static site a few days before you leave. Your webmaster will need a minimum of 30 days to work it over for it to work and look “good”.

Make sure to check back Wednesday for more on moving your site out of FindLaw.

 

Why You Should NOT Host at GoDaddy – Part One

No! Never Host Your Website at GoDaddy!

No, you should not host at GoDaddy. Consistent website and email access are too important, and hosting at GoDaddy is not practical if you want to be in business 24/7.

Here’s What Happened to Me at GoDaddy

I have my play/test website www.mccordwebservices.com hosted at GoDaddy. My main website is hosted with Hostway and found at http://www.mccordweb.com. I got a notice from WordFence Premium that my website www.mccordwebservices.com was on the domain and email blacklist with Spamhaus.org, McAfee DNSBL, and CBL.Abuseat.org. These are important sites that Internet Service Providers (ISP) use to decide what sites and email to block. So that notification was labelled critical.

That means that if this had happened to be my main business website, any email I would have sent out using my email tied to my domain would have been bounced and set as undeliverable. On top of that, the reputation of my business would be tarnished from being blacklisted. As I am in the industry, having my site compromised or the appearance of being compromised is even worse.

I called GoDaddy immediately upon receipt of the notification. I was told that no, my site was not compromised (I knew that as I practice intense security), but that several accounts on my site’s GoDaddy shared server were compromised, hacked, and sending out spam and possibly malware. With additional research on my own, I found out that one of the offending websites in my shared hosting environment with the same IP block was MichaelClayton.org. (Please do not visit this site as you do not want to get malware.)

I asked GoDaddy what they were going to do about quickly resolving this issue. They said they had notified the offending site owner and that the owner needed to do a cleanup. There was no deadline or time frame shared with me.

I asked GoDaddy to move me to a new server and was told by Tech Support on 5/23 at 9:35 am Eastern Time that a move was not possible and that when I signed up for hosting with GoDaddy, I had agreed to their terms of being on a shared server, meaning I could run into this problem again or in the future.

I asked for a change to my IP address and was told I could buy a dedicated IP address for my site for $75 a year. I pointed out that I was not willing to pay for something to solve a technical issue that was GoDaddy’s job to fix and was told sorry, that’s the final answer. I had to pay to solve their problem!

I asked to speak to the supervisor and was put on hold for 20 minutes (I clocked this). When the tech came back on the line, he told me all supervisors were busy and that nothing else would be done for me.

As of today, my website IP is no longer blacklisted! It took 7 days for this issue to be resolved, and for one listing I had to submit a manual request for removal.

As a professional webmaster who has a number of customers hosted at GoDaddy, I was furious with the response that I received.

Please check back on Wednesday for the rest of the story and my recommendations for hosting and what to do if you are hosted at GoDaddy.